WO2020197096A1 - Système et procédé de gestion de l'utilisation d'une application infonuagique - Google Patents

Système et procédé de gestion de l'utilisation d'une application infonuagique Download PDF

Info

Publication number
WO2020197096A1
WO2020197096A1 PCT/KR2020/002439 KR2020002439W WO2020197096A1 WO 2020197096 A1 WO2020197096 A1 WO 2020197096A1 KR 2020002439 W KR2020002439 W KR 2020002439W WO 2020197096 A1 WO2020197096 A1 WO 2020197096A1
Authority
WO
WIPO (PCT)
Prior art keywords
management server
application
security policy
cloud
user
Prior art date
Application number
PCT/KR2020/002439
Other languages
English (en)
Korean (ko)
Inventor
윤여웅
고갑승
박관렬
Original Assignee
(주)한국아이티평가원
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by (주)한국아이티평가원 filed Critical (주)한국아이티평가원
Publication of WO2020197096A1 publication Critical patent/WO2020197096A1/fr

Links

Images

Classifications

    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/50Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • GPHYSICS
    • G06COMPUTING; CALCULATING OR COUNTING
    • G06FELECTRIC DIGITAL DATA PROCESSING
    • G06F21/00Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
    • G06F21/60Protecting data
    • G06F21/604Tools and structures for managing or administering access control systems

Definitions

  • Embodiments of the present invention relate to a system and method for managing the use of cloud-based applications.
  • Cloud computing technology is attracting attention in terms of high-capacity, high-speed processing, and near-infinite use of IT resources that are out of the limits of personal computers.
  • cloud computing technology is expected to be used in various fields due to advantages such as high efficiency, low cost, management expertise, and convenience due to the intensive IT service.
  • Patent Document Republic of Korea Patent Publication No. 10-2018-0118874 (2018.11.01)
  • the cloud-based application usage management system is for obtaining visibility of the use of the cloud-based application and controlling the cloud-based application according to a security policy.
  • the cloud-based application usage management system requests the use of one or more applications to a management server and provides them to a user, collects logs related to the use of the applications, and transmits them to the management server.
  • a security policy for the one or more applications is input from the user terminal and the administrator, it is determined whether the use request conforms to the security policy, and when the use request conforms to the security policy, the one And a management server that provides use of the application to more than one user terminal, and provides use information for the at least one application to the administrator by analyzing the log.
  • the management server provides a security policy violation message to the one or more user terminals when the use request does not conform to the security policy as a result of the determination, and the one or more user terminals transmits the provided security policy violation message. You can print it out as a user.
  • the management server may each receive a security policy for each of the one or more user terminals from the administrator, or group the one or more user terminals into one or more groups, and receive a security policy for each of the one or more groups.
  • the management server may each receive a security policy for each of the one or more applications from the administrator, or group the one or more applications into one or more groups, and receive a security policy for each of the one or more groups.
  • the management server analyzes the log and, when the use of the application includes abnormal use including hacking, stops the use of the application provided to the one or more user terminals, and outputs a hacking risk message to the administrator. I can.
  • the cloud-based application usage management method performed by the cloud-based application usage management system includes, in a management server, receiving a security policy for one or more applications from an administrator, and one or more user terminals. In, requesting the use of the one or more applications to the management server, collecting logs related to the use of the application from the one or more user terminals and transmitting the logs to the management server, the management server, the use request Determining whether or not the security policy is met, in the management server, providing the use of the application to the at least one user terminal when the request for use meets the security policy as a result of the determination, the at least one At a user terminal, providing use of the application to a user, and analyzing the log at the management server and providing usage information on the at least one application to the administrator.
  • the use management system for a cloud-based application it is to solve the security problem according to the cloud technology by obtaining and controlling the visibility of the use of the cloud-based application.
  • FIG. 1 is a block diagram illustrating a system for managing use of a cloud-based application according to an embodiment of the present invention.
  • FIG. 2 is a view for explaining a method of providing the use of an application to a user in the use management system of a cloud-based application according to an embodiment of the present invention
  • FIG. 3 is a view for explaining a method of outputting a security policy violation message to a user in a use management system for a cloud-based application according to an embodiment of the present invention
  • FIG. 4 is a view for explaining a method of outputting a hacking risk message to an administrator in a use management system for a cloud-based application according to an embodiment of the present invention
  • FIG. 5 is a flowchart of a method for managing use of a cloud-based application performed by the use management system for a cloud-based application according to an embodiment of the present invention
  • FIG. 1 is a block diagram illustrating a system 100 for managing use of a cloud-based application according to an embodiment of the present invention.
  • the cloud-based application usage management system 100 receives a security policy from the administrator 110, and a cloud-based application to the user 102 according to the input security policy.
  • a system for providing the use of it includes one or more user terminals 104 and a management server 108.
  • the user terminal 104 may include various types of devices having a data communication function and an information processing function through a network, such as, for example, a tablet PC, a smart phone, or a personal digital assistant (PDA).
  • the user 102 may be a person who wants to use a cloud-based application
  • the manager 110 may be a person who manages the use of the cloud-based application.
  • Each of the user terminals 104 and the management server 108 may be connected via a network 106, and the network 104 may be, for example, the Internet, one or more local area networks, and a wide area network. area networks), cellular networks, mobile networks, and wired or wireless networks such as low-power wide-area networks (LPWANs).
  • LPWANs low-power wide-area networks
  • One or more user terminals 104 request the use of one or more applications to the management server 108 and provide the requests to the user 102.
  • the management server 108 may manage one or more cloud-based applications, and the user terminal 104 may request the management server 108 to use the application at the request of the user 102. In addition, the user terminal 104 may provide the application to the user 102 when the use of the application is provided from the management server 108.
  • One or more user terminals 104 collect and transmit logs related to the use of one or more applications to the management server 108.
  • the user terminal 104 may collect a request for use of an application requested by the user 102 and logs generated as the user 102 uses the application.
  • the user terminal 104 may transmit logs to the management server 108 every preset period, or may transmit logs to the management server 108 whenever a new log is collected.
  • the management server 108 receives a security policy for one or more applications from the manager 110.
  • the security policy may be a policy for restricting the use of an application for security, such as a function of an application or access to an application.
  • the management server 108 may receive different security policies for each of one or more applications managed by the management server 108.
  • the management server 108 may each receive a security policy for each of one or more applications from the manager 110.
  • the management server 108 may group one or more applications into one or more groups, and receive a security policy for each one or more groups from the administrator 110.
  • the management server 108 may receive different security policies for each of the user terminals 104.
  • the management server 108 may receive each security policy for each user terminal 104 from the manager 110.
  • the management server 108 may group one or more user terminals 104 into one or more groups, and receive security policies for each one or more groups from the administrator 110.
  • the management server 108 determines whether the application use request from the user terminal 104 conforms to the security policy input through the manager 110, and as a result of the determination, the application use request from the user terminal 104 conforms to the security policy. If so, the use of the application is provided to one or more user terminals 104. At this time, when it is determined that the application use request of the user terminal 104 does not conform to the security policy as a result of the determination, the management server 108 provides a security policy violation message to the user terminal 104. In this case, the user terminal 104 may output a security policy violation message provided from the management server 108 to the user 102.
  • the management server 108 receives a first request for use of the first application. It can be determined whether or not the security policy for the application is met.
  • one or more user terminals 104 may request the management server 108 to execute a function related to the use of the first application (eg, a photo taking function using the first application, etc.), and the management server 108 ) Can determine whether these requests comply with the security policy.
  • the management server 108 when the use of one or more applications is requested to the management server 108 from a specific user terminal (eg, the first user terminal 104-1), the management server 108 For example, it may be determined whether the application use of the first user terminal 104-1) conforms to the security policy.
  • the management server 108 analyzes the log received from the user terminal 104 and provides usage information for one or more applications to the manager 110.
  • the usage information for one or more applications includes, for example, information on the application being used by each user terminal, traffic information by date and time of each application, traffic information by user terminal of each application, and each application being used. It may include information on the user terminal, information on the application usage time of each user terminal, and the like.
  • the management server 108 analyzes the log received from the user terminal 104, and when the application use of the user terminal 104 includes abnormal use, including hacking, what is provided to one or more user terminals 104 The use of the application may be stopped, and a hacking risk message may be output to the manager 110.
  • the management server 108 uses, for example, a security analysis framework such as an open SOC framework, whether the use of the application of the user terminal 104 includes an abnormal behavior such as, for example, hacking. You can judge whether or not.
  • a security analysis framework such as an open SOC framework
  • the management server 108 is hacked including information on the user terminal 104 and the application being used by the user terminal 104 A risk message can be output to the manager 110.
  • the management server 108 uses an application such that a specific user terminal (for example, the second user terminal 104-2 continuously contains abnormal behavior, the corresponding user terminal (for example, the second user terminal) A hacking risk message including information on (104-2)) and information on the number of times the application is used to include an abnormal behavior may be output to the manager 110.
  • a specific user terminal for example, the second user terminal 104-2 continuously contains abnormal behavior
  • the corresponding user terminal for example, the second user terminal
  • a hacking risk message including information on (104-2)) and information on the number of times the application is used to include an abnormal behavior may be output to the manager 110.
  • FIG. 2 is a view for explaining a method of providing the use of an application to a user 102 in the cloud-based application use management system 100 according to an embodiment of the present invention.
  • the management server 108 may receive a security policy for an application from the manager 110 (202) and apply the input security policy to the application (204).
  • the user terminal 104 may receive a request for use of the application from the user 102 (206), and may request the use of the application to the management server 108 (208). In addition, the user terminal 104 may collect 210 logs related to the use of the application, and provide the collected logs to the management server 108 (212).
  • the management server 108 determines whether the application use request from the user terminal 104 conforms to the security policy (214), and provides the use of the application to the user terminal 104 when the application use request conforms to the security policy. Can do it (216). Accordingly, the user terminal 104 may provide the use of the application to the user 102 (218).
  • the management server 108 may analyze the log provided from the user terminal 104 (220) and provide information related to application use to the manager 110 (222).
  • FIG 3 is a view for explaining a method of outputting a security policy violation message to a user 102 in the cloud-based application usage management system 100 according to an embodiment of the present invention.
  • the management server 108 To provide a security policy violation message (316).
  • the user terminal 104 may output a security policy violation message to the user 102 (318).
  • FIG. 4 is a view for explaining a method of outputting a hacking risk message to the manager 110 in the cloud-based application usage management system 100 according to an embodiment of the present invention.
  • FIG. 4 shows a process after it is determined that the application use request of the user terminal 104 conforms to the security policy.
  • the user terminal 104 may receive application use from the management server 108 and provide it to the user 102 (402, 404). In addition, the user terminal 104 may collect logs related to the application usage of the user 102 and provide them to the management server 108 (406, 408).
  • the management server 108 may analyze the log provided from the user terminal 104 (410). At this time, as a result of the log analysis, if the application use of the user terminal 104 includes an abnormal use such as, for example, hacking, the management server 108 stops providing the application use (412), and hacks to the administrator 110 A danger message may be output (414).
  • an abnormal use such as, for example, hacking
  • FIG. 5 is a flowchart of a method for managing use of a cloud-based application performed by the system 100 for managing use of a cloud-based application according to an embodiment of the present invention.
  • the management server 108 receives a security policy for one or more applications from the manager 110 (502). At this time, the management server 108 receives each security policy for each of the one or more user terminals 104 from the administrator 110, or groups the one or more user terminals 104 into one or more groups, and secures each of one or more groups. Policy can be entered. In addition, the management server 108 may each receive a security policy for each of one or more applications from the administrator 110, group one or more applications into one or more groups, and receive a security policy for each of one or more groups.
  • One or more user terminals 104 request the use of one or more applications to the management server 108 (504).
  • At least one user terminal 104 collects and transmits the log related to the use of the application to the management server 108 (506).
  • the management server 108 determines whether the application use request from the user terminal 104 conforms to the security policy (508).
  • the management server 108 provides the use of the application to one or more user terminals 104 when the request for using the application from the user terminal 104 satisfies the security policy (510). In this case, as a result of the determination, if the application use request of the user terminal 104 does not conform to the security policy, the management server 108 may provide a security policy violation message to one or more user terminals 104.
  • One or more user terminals 104 provide (512) the use of an application to a user (102). At this time, when a security policy violation message is provided from the management server 108, one or more user terminals 104 output a security policy violation message to the user 102.
  • the management server 108 analyzes the log provided from the user terminal 102 and provides usage information for one or more applications to the manager 110 (514). At this time, the management server 108 analyzes the log provided from the user terminal 102 and, when the use of the application of the user terminal 102 includes abnormal use including hacking, the application that was provided to one or more user terminals 104 It is possible to stop the use of and output a hacking risk message to the manager 110.
  • the method is described by dividing the method into a plurality of steps, but at least some of the steps are performed in a different order, combined with other steps, performed together, omitted, or divided into detailed steps. Or, one or more steps not shown may be added and performed.
  • ICT security services intelligent HR services with advantages such as high efficiency, low cost, management expertise, and convenience due to the concentration of IT services related to cloud computing technology It is believed that it can be applied to various industrial technology fields such as services.

Landscapes

  • Engineering & Computer Science (AREA)
  • Theoretical Computer Science (AREA)
  • Computer Security & Cryptography (AREA)
  • Software Systems (AREA)
  • General Physics & Mathematics (AREA)
  • General Engineering & Computer Science (AREA)
  • Physics & Mathematics (AREA)
  • Computer Hardware Design (AREA)
  • Health & Medical Sciences (AREA)
  • Bioethics (AREA)
  • General Health & Medical Sciences (AREA)
  • Automation & Control Theory (AREA)
  • Storage Device Security (AREA)

Abstract

L'invention concerne un système et un procédé de gestion de l'utilisation d'une application infonuagique. Un système de gestion de l'utilisation d'une application infonuagique selon des modes de réalisation de la présente invention comprend : au moins un terminal d'utilisateur qui demande l'utilisation d'au moins une application à partir d'un serveur de gestion, fournit celle-ci à un utilisateur et collecte un journal relatif à l'utilisation d'une application pour transmettre le journal au serveur de gestion ; et le serveur de gestion, qui reçoit une entrée d'une politique de sécurité sur ladite application de la part d'un administrateur, détermine si une demande d'utilisation satisfait ou non la politique de sécurité, fournit l'utilisation d'une application audit terminal d'utilisateur lorsque la demande d'utilisation satisfait la politique de sécurité en conséquence de la détermination, et analyse le journal pour fournir des informations d'utilisation de ladite application à l'administrateur.
PCT/KR2020/002439 2019-03-28 2020-02-20 Système et procédé de gestion de l'utilisation d'une application infonuagique WO2020197096A1 (fr)

Applications Claiming Priority (2)

Application Number Priority Date Filing Date Title
KR10-2019-0035628 2019-03-28
KR1020190035628A KR102212806B1 (ko) 2019-03-28 2019-03-28 클라우드 기반 어플리케이션의 이용 관리 방법

Publications (1)

Publication Number Publication Date
WO2020197096A1 true WO2020197096A1 (fr) 2020-10-01

Family

ID=72608634

Family Applications (1)

Application Number Title Priority Date Filing Date
PCT/KR2020/002439 WO2020197096A1 (fr) 2019-03-28 2020-02-20 Système et procédé de gestion de l'utilisation d'une application infonuagique

Country Status (2)

Country Link
KR (1) KR102212806B1 (fr)
WO (1) WO2020197096A1 (fr)

Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20090044202A (ko) * 2007-10-31 2009-05-07 주식회사 이븐스타 웹페이지의 우회침입 탐지 및 매개변수 변조 침입 탐지를이용한 웹 보안 서비스 방법 및 그 시스템
KR101403626B1 (ko) * 2013-08-14 2014-06-03 (주) 뉴코 클라우드 컴퓨팅 환경에서의 스마트 단말 통합 보안 관리 방법
KR20150052010A (ko) * 2012-08-31 2015-05-13 휴렛-팩커드 디벨롭먼트 컴퍼니, 엘.피. 클라우드 플랫폼을 구현하기 위한 네트워크 시스템
KR20170036392A (ko) * 2015-09-24 2017-04-03 삼성전자주식회사 통신 시스템에서 정보 보호 장치 및 방법
JP2018518762A (ja) * 2015-05-28 2018-07-12 オラクル・インターナショナル・コーポレイション 自動異常検出および解決システム

Family Cites Families (1)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR101949196B1 (ko) 2017-04-24 2019-02-19 (주)유엠로직스 프라이빗 보안통제 브로커 시스템 및 그 보안통제 방법

Patent Citations (5)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
KR20090044202A (ko) * 2007-10-31 2009-05-07 주식회사 이븐스타 웹페이지의 우회침입 탐지 및 매개변수 변조 침입 탐지를이용한 웹 보안 서비스 방법 및 그 시스템
KR20150052010A (ko) * 2012-08-31 2015-05-13 휴렛-팩커드 디벨롭먼트 컴퍼니, 엘.피. 클라우드 플랫폼을 구현하기 위한 네트워크 시스템
KR101403626B1 (ko) * 2013-08-14 2014-06-03 (주) 뉴코 클라우드 컴퓨팅 환경에서의 스마트 단말 통합 보안 관리 방법
JP2018518762A (ja) * 2015-05-28 2018-07-12 オラクル・インターナショナル・コーポレイション 自動異常検出および解決システム
KR20170036392A (ko) * 2015-09-24 2017-04-03 삼성전자주식회사 통신 시스템에서 정보 보호 장치 및 방법

Also Published As

Publication number Publication date
KR20200114237A (ko) 2020-10-07
KR102212806B1 (ko) 2021-02-08

Similar Documents

Publication Publication Date Title
Logeshwaran et al. The role of integrated structured cabling system (ISCS) for reliable bandwidth optimization in high-speed communication network
US7315903B1 (en) Self-configuring server and server network
WO2012077944A2 (fr) Système d'identification de terminaux partagés utilisant un paquet de réseau et son procédé de traitement
WO2012121482A2 (fr) Dispositif et procédé de traitement de cryptage de données d'un système de stockage de nuages
WO2018010269A1 (fr) Procédé et dispositif de traitement de message
WO2013122360A1 (fr) Procédé, système et support d'enregistrement pour analyser une configuration de réseau dynamique d'application mobile
CN1649309A (zh) 网络管理方法和系统以及计算机
WO2016148483A1 (fr) Appareil et procédé de gestion d'énergie domestique au moyen d'une balise dans un système de gestion d'énergie domestique
WO2018182065A1 (fr) Procédé d'association d'abonnement à ressources multiples dans un système m2m
WO2020197096A1 (fr) Système et procédé de gestion de l'utilisation d'une application infonuagique
WO2024005565A1 (fr) Procédé, système, et support d'enregistrement non transitoire lisible par ordinateur de fourniture de service de messagerie
WO2017164446A1 (fr) Système et procédé d'analyse et de fourniture de données de capteur basées sur ido
WO2017078462A1 (fr) Procédé et dispositif pour fournir des données dans un système multimédia
WO2023017953A1 (fr) Procédé et système d'automatisation de spécification d'api standard pour la distribution de données entre des systèmes hétérogènes
WO2010024565A2 (fr) Procédé pour fournir un portail collaboratif et système de portail collaboratif mettant en oeuvre ce procédé
CN114125024B (zh) 音频传输方法、电子设备及可读存储介质
WO2013122361A1 (fr) Procédé, système et support d'enregistrement pour gérer des informations sur les politiques en vue de réduire la charge du réseau
WO2015068897A1 (fr) Procédé permettant de relayer un serveur de cloud
WO2019107596A1 (fr) Procédé de configuration d'une api de contrôle de données basée sur l'onem2m
WO2014193081A1 (fr) Système et procédé de gestion des limites de service
WO2015080378A1 (fr) Procédé pour identifier un terminal de partage et système correspondant
WO2013065887A1 (fr) Système de sécurité pour réseau de communication mobile
WO2018016798A1 (fr) Dispositif de gestion de sécurité et procédé de gestion de sécurité permettant de gérer la sécurité d'un terminal client
WO2023182591A1 (fr) Système de solution de surveillance hybride et surveillance de serveurs l'utilisant
WO2014025224A1 (fr) Appareil et procédé de détection de modèle de paquet d'application correspondant à une interception de paquet et support d'enregistrement

Legal Events

Date Code Title Description
121 Ep: the epo has been informed by wipo that ep was designated in this application

Ref document number: 20779493

Country of ref document: EP

Kind code of ref document: A1

NENP Non-entry into the national phase

Ref country code: DE

122 Ep: pct application non-entry in european phase

Ref document number: 20779493

Country of ref document: EP

Kind code of ref document: A1